...
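```c
#define __STDC_WANT_LIB_EXT1__ 1  /* Request the Annex K interfaces (strcpy_s) */
#include <stdlib.h>
#include <string.h>

int main(int argc, char *argv[]) {
  /* ... */
  char *prog_name;
  size_t prog_size;

  /* Size the buffer from the source string, including the null terminator */
  prog_size = strlen(argv[0]) + 1;
  prog_name = (char *)malloc(prog_size);
  if (prog_name != NULL) {
    /* strcpy_s() returns nonzero on a constraint violation */
    if (strcpy_s(prog_name, prog_size, argv[0])) {
      /* Handle strcpy_s() error */
    }
  }
  else {
    /* Couldn't get the memory - recover */
  }
  /* ... */
}
```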
...
Compass/ROSE can detect violations of the rule except for . However, it is unable to handle cases involving strcpy_s() or manual string copies such as the one in the first example.
Related Vulnerabilities
...